CHAPTER 2: BACKGROUND TO THE STANDARDS

The very first formal information security standard, BS7799, was originally issued in the UK in April 1999 as a two-part standard. An earlier code of practice had been substantially revised and became Part 1 of the new standard (BS7799-1:1999), and a new Part 2 (BS7799-2:1999) was drafted and added.

The link between the two standards was created at this point:

• Part 1 was a code of practice

• Part 2 was a specification for an ISMS that deployed controls selected from the code of practice.

The original Part 2 specified, in the main body of the standard, the same set of controls that were described, in far greater detail (particularly with regard to implementation), in Part 1. These controls were later removed ...
